Discussions

@JoshRoss: Oh, what a horrible game! Wasn't that the first DirectX game?

I don't think so - DirectX was released after Windows 95, but Hover! was included in the Windows 95 CD. Windows did support a few other game APIs, like WinG so it's not like the game was done with GDI.

But Hover doesn't match the OP's description - it does have hovercraft and has you collecting flags, but its a first-person game with real-time control and doesn't have any customizable loadouts beyond collectable powerups.

I've been signed-up for the beta for a while now. I still haven't received my invitation yet.

It's a great idea - and of course it won't be the success reCaptcha was - reCaptcha has the benefit of tens of millions of daily users ('workers') with an unlimited amount of work that needs doing - thanks to automated book-scanning.

With language-learning it's different - both the number of workers and the amount of work that needs doing is substantially smaller, and besides people seem happy with products like Rosetta Stone and language tapes which work when you're not at a computer.

The soviet central committee tried this and failed miserably. the state run farms under produced the small private plots of land.

The Soviet system was rife with corruption and other human-factors. Of course communism doesn't work in reality - but plenty of ideas it takes (to their logical extremes) have a firm evidential basis - such as the principle that the state should serve its citizens directly and apply directed social-engineering (the sociological kind, not the penetration-attack kind) to achieve results - it's just so unfortunate that many of their grand experiments (such as the Five Year Plan and the Great Leap Forward) failed so miserably.

My mantra is "evidence-based decision-making" - choose the option that has the most evidence supporting its case, rather than emphasising simple (or "pure") ideology. In this case, the styles of government and social systems well-established in Western Europe (Germany, Scandinavia, etc) are all doing so well that Germany is capitalising on the misfortune (and mismanagement) of Greece's internal finances to bankroll their bailout package and maintain one of the world's highest quality of life indexes. On that basis, how can it be said that socialism is "bad", "doesn't work", or "evil" considering the evidence is right there, 400 miles from my doorstep.

@W3bbo: I'm not convinced you could meaningfully explain the properties of security groups using a venn diagram anyway, it'd just get too complex. And trying to do it hierarchically is pointless, because security groups don't follow a strict hierarchy in their behaviours.

I still don't understand what the OP is trying to accomplish. If someone asked me to describe Windows security in an AD environment I'd just use simple bullet-points:

A "User" is an identity that exists within the system that provides a context for doing something. You run Winword under the "Chris" User account so it has access to Chris' files. Windows services run under the "SYSTEM" identity and has root access.

Actions happen under a User's credentials after it has been authenticated - which happens either locally on your machine, or against a central server, which is why you can log-on to any computer in the office (because they share the the same central authentication server) but you can't use your home computer's login details on our computers.

"Objects" - such as your files and folders in the filesystem, or protected company services (CertSrv?) have an "Access Control List" which simply say "this user A can do x, and this user B can do y, but not z" and so on. If an object exists in a hierarchy (folders, registry keys, OUs, etc) then often that object's ACL is inherited by its children, unless a child explicitly defines a new ACL.

Users themselves can be organised into Groups, which are collections of users and groups (it's type-recursive) - this simplifies Access Control Lists, so rather than adding every 'Employee' User to a shared folder's ACL, instead there would be a group called "Employees" and that entire group is added to the ACL.

Trust relationships are for when different organisations want to allow other users access to their systems (and vice-versa).

That's pretty much it - I don't understand how this could be modelled as a "chain" or how security "flows" at all.